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CLAIM AMENDMENTS 

This listing of claims will replace all prior versions and listings of claims in the 
application. 
Listing of Claims 

1. (Currently Amended) A method of metering fee-a packet rate of a packet flow, 
comprising the steps of: 

a) -configuring a packet rate limit for an ACL (access control list) interface, defined by a 
maximum number of packets Pmax acceptable in a time interval Thresh; 

b) -counting the-ajiumber of packets P received at said ACL interface; 
e)-discarding all packets arriving at said AC L interface after has been reached; and 
d)-placing the discarded packets in an extraction queue for furth e r examination : and 

examining packets in said extraction queue to determine a cause of a packet rate 

exceeding said packet rate limit . 

2. (Original) The method of claim 1 , wherein P^x and T re f reS h are configurable. 

3. (Currently Amended) The method of claim 1, wh e r e in st e p b) comprises: further 
comprising the steps of: 

providing a packet rate limit counter at said ACL interface;-and 

initiating said counter at a value StartCount; 
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incrementing &e- said counter with each received packet of said packet flow to provide a 

CurrentCountrara k and 

resetting said counter at said time int e rvals interval T W^. 

4. (Currently Amended) The method of claim 3, wh e r e in step c) compris e s further 
comprising the step of: 

discarding all packets arriving at said ACL interface after said counter reached a 

saturation value CountSat. 

5. (Currently Amended) The method of claim 3, wher e in st e p c) compris e s further 
comprising the steps of : 

discarding all packets arriving at said counter after said counter reached a saturation 

value CountSat; and 

counting the number of the packets discarded since said counter r e ach e s reached said 

saturation value until said time interval T re f r esh. 

6. (Original) The method of claim 5, wherein counting of the discarded packets is 
performed with said counter. 

7. (Canceled) 
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8. (Withdrawn) For an access control list (ACL) unit provided at a router controlling which 
IP packets of a packet flow are allowed to enter an IP network based on a plurality of rules, a rate 
limiting ACL rule comprising: 

operating said interface according to an "accept and discard" action, when each packet is 
accepted or discarded based on a packet rate limit; 

operating said interface according to an "accept with extraction" action when each packet 
is accepted or extracted based on said packet rate limit; and 

placing each extracted packet in an extraction queue for further examination. 

9. (Withdrawn) The method of claim 8, wherein said packet rate limit is defined as the 
maximum number of packets Pmax acceptable in a time interval T re frresh. 

1 0. (Withdrawn) The method of claim 9, wherein said rate limiting rule further comprises 
operating said interface according to a "deny and discard" action, when each packet received at 
said counter during said time interval T refrrcS h, and which is in excess of said P max , is denied 
access and discarded. 

1 1 . (Withdrawn) The method of claim 9, wherein said rate limiting rule further comprises 
operating said interface according to a "deny and extract" action, when each packet received at 
said counter in excess of said P^x during said time interval T re f r csh> is denied access to said IP 
network and extracted for further examination. 
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12. (Withdrawn) The of claim 9, wherein said "accept and discard" action comprises: 
initiating a packet rate limiting counter to a CountStart value; 

counting each packet with said counter to provide a CurrentCount value indicative of the 
number of packets received over said interface until saturation CountSat of said counter is 
reached; 

allowing each said packet that has CurrentCount less than said CountSat within said time 
interval T refres h; and 

discarding each said packet arrived at said counter after saturation of Said counter and 
before the beginning of a next time interval Tref rcs h. 

13. (Withdrawn) A line card for a router connected to an IP network, comprising, for each 
interface on said line card; 

a packet forwarding ASIC with an access control list (ACL) unit provided for controlling 
which IP packets are allowed to enter or exit an IP network based on a plurality of rules; 

a packet rate limit counter in said ACL unit for measuring the packet rate of a packet 
flow; and 

a housekeeping processor for operating said counter to implement an access control rate 
limiting rule for said packet flow. 
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14. (Withdrawn) The line card of claim 13, wherein said counter comprises a packet counter 
field for counting each packet received in said packet flow, and a state register field for 
determining the action to be performed on said packet. 

1 5 . (Withdrawn) The line card of claim 1 3 , wherein said counter comprises a 1 3-bit packet 
counter field for counting each packet received in said packet flow, and a 3 -bit state register field 
for determining the action to be performed on said packet, wherein said state register occupies 
the most significant bits of each said counter. 

16. (Withdrawn) The line card of claim 13, wherein said housekeeping processor comprises 
means for resetting said packet counter field at a present interval of time T re f reS h. 

1 7. (Wi thdrawn) The line card of claim 1 3, wherein said housekeeping processor comprises 
means for presetting said packet counter field at a start value StartCount each given interval of 

time Trcfrcsh. 

1 8. (Withdrawn) The line card of claim 13, wherein said housekeeping processor comprises 
means for setting said state register field to an action value that determines the operation state of 
said ACL unit. 
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19. (Withdrawn) The line card of claim 18, wherein said housekeeping processor sets said 
action value to indicates one of an "accept and discard" and an "accept with extract" action, 
when said packet counter field counts each incoming packet until saturation of said counter. 

20. (Withdrawn) The line card of claim 19, wherein said ACL unit sets said action value to 
indicates one of an "discard" and an "extract" action, when said counter filed is saturated, while 
said ACL unit denies access to each said packet. 

2 1 . (Withdrawn) In an ACL unit provided at a router for controlling which IP packets are 
allowed to enter/exit an IP network based on a plurality of rules, a counter for measuring the 
packet rate of a packet flow, comprising: 

a packet counter field for counting each packet in said packet flow; and « 
a state register field for determining the action to be performed on each said packet. 

22. (Withdrawn) The counter of claim 21, wherein said state register field occupies the 3- 
most significant bits of said counter and said packet counter field occupies the reminder of 13 
bits. 
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